--- a/services/sync/modules/stores.js
+++ b/services/sync/modules/stores.js
@@ -782,16 +782,17 @@ CookieStore.prototype = {
 
 	this._log.info("CookieStore got createCommand: " + command );
         // this assumes command.data fits the nsICookie2 interface
 	this._cookieManager.add( command.data.host,
                                  command.data.path,
                                  command.data.name,
                                  command.data.value,
                                  command.data.isSecure,
+				 command.data.isHttpOnly,
                                  command.data.isSession,
                                  command.data.expiry );
   },
 
   _removeCommand: function CookieStore__removeCommand(command) {
 	// we got a command to remove a cookie from the local browser
         // in order to sync with the server.
         // command.data appears to be equivalent to what wrap() puts in
@@ -817,19 +818,19 @@ CookieStore.prototype = {
         // local copy of the cookie is more-recently modified, it should
         // be kept, but if it's older, it should be replaced with the
         // server's copy.
 
         // The nsICookie interface doesn't seem to include the date/time
         // that the cookie was set -- only the expiry.  TODO: Figure out
         // the best way to deal with this.
         this._log.info("CookieStore got editCommand: " + command );
+
   },
 
-
   wrap: function CookieStore_wrap() {
 	// Return contents of this store, as JSON.
         // A dictionary of cookies where the keys are GUIDs and the
         // values are sub-dictionaries containing all cookie fields.
 
 	let items = {};
 	var iter = this._cookieManager.enumerator;
 	while (iter.hasMoreElements()){

--- a/services/sync/modules/syncCores.js
+++ b/services/sync/modules/syncCores.js
@@ -444,40 +444,57 @@ CookieSyncCore.prototype = {
                              getService(Ci.nsICookieManager2);
     // need the 2nd revision of the ICookieManager interface
     // because it supports add() and the 1st one doesn't.
     return this.__cookieManager
   },
 
 
   _itemExists: function CSC__itemExists(GUID) {
-        // true if a cookie with the given GUID exists.
-	// The GUID that we are passed should correspond to the keys
-	// that we define in the JSON returned by CookieStore.wrap()
-	// That is, it will be a string of the form
-	// "host:path:name".
-
-	// TODO verify that colons can't normally appear in any of
-	// the fields -- if they did it then we can't rely on .split(":")
-	// to parse correctly.
+    /* true if a cookie with the given GUID exists.
+       The GUID that we are passed should correspond to the keys
+       that we define in the JSON returned by CookieStore.wrap()
+       That is, it will be a string of the form
+       "host:path:name". */
+    
+    /* TODO verify that colons can't normally appear in any of
+       the fields -- if they did it then we can't rely on .split(":")
+       to parse correctly.*/
+    
+    let cookieArray = GUID.split( ":" );
+    let cookieHost = cookieArray[0];
+    let cookiePath = cookieArray[1];
+    let cookieName = cookieArray[2];
 
-        let unused = 0; // for outparam from findMatchingCookie
-	let cookieArray = GUID.split( ":" );
-        // create a generic object to represent the cookie -- just has
-	// to implement nsICookie2 interface.
-	cookie = Object();
-	cookie.host = cookieArray[0];
-	cookie.path = cookieArray[1];
-	cookie.name = cookieArray[2];
-    	return this._cookieManager.findMatchingCookie( cookie, unused );
+    /* alternate implementation would be to instantiate a cookie from
+       cookieHost, cookiePath, and cookieName, then call 
+       cookieManager.cookieExists(). Maybe that would have better
+       performance?  This implementation seems pretty slow.*/
+    let enumerator = this._cookieManager.enumerator;
+    while (enumerator.hasMoreElements())
+      {
+	let aCookie = enumerator.getNext();
+	if (aCookie.host == cookieHost &&
+	    aCookie.path == cookiePath &&
+	    aCookie.name == cookieName ) {
+	  return true;
+	}
+      }
+    return false;
+    /* Note: We can't just call cookieManager.cookieExists() with a generic
+       javascript object with .host, .path, and .name attributes attatched.
+       cookieExists is implemented in C and does a hard static_cast to an
+       nsCookie object, so duck typing doesn't work (and in fact makes 
+       Firefox hard-crash as the static_cast returns null and is not checked.)
+    */
   },
 
   _commandLike: function CSC_commandLike(a, b) {
-        // Method required to be overridden.
-        // a and b each have a .data and a .GUID
-	// If this function returns true, an editCommand will be
-	// generated to try to resolve the thing.
-	// but are a and b objects of the type in the Store or
-	// are they "commands"??
-        return false;
+    // Method required to be overridden.
+    // a and b each have a .data and a .GUID
+    // If this function returns true, an editCommand will be
+    // generated to try to resolve the thing.
+    // but are a and b objects of the type in the Store or
+    // are they "commands"??
+    return false;
   }
 };
 CookieSyncCore.prototype.__proto__ = new SyncCore();